mcafee techcheck CVE-2019-3667 is a vulnerability in McAfee Techcheck
Published on December 11, 2019

DLL Search Order Hijacking
DLL Search Order Hijacking vulnerability in the Microsoft Windows client in McAfee Tech Check 3.0.0.17 and earlier allows local users to execute arbitrary code via the local folder placed there by an attacker.

NVD

Vulnerability Analysis

CVE-2019-3667 can be exploited with local system access, requires user interaction and a small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a high impact on integrity, and a small impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
REQUIRED
Scope:
CHANGED
Confidentiality Impact:
LOW
Integrity Impact:
HIGH
Availability Impact:
LOW

Products Associated with CVE-2019-3667

Want to know whenever a new CVE is published for McAfee Techcheck? stack.watch will email you.

McAfee Techcheck
 

Affected Versions

McAfee, LLC McAfee TechCheck:

Exploit Probability

EPSS
0.10%
Percentile
28.24%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.